From: Rob Shein (shoten@starpower.net)
Date: Wed Mar 19 2003 - 12:44:42 EST
I know of several academic documents that outline places to start looking,
but I know of no pen-testing tools as of yet. What's your ultimate goal
here? Some wired-side vulnerabilities have been found in access points
(like Red-M's product, for example, which has a TFTP server you can't turn
off...lovely for brute force password attacks).
For documents, I know a few good ones:
http://ece.gmu.edu/courses/ECE543/presentationsF01/pachpa_bluetooth.pdf
(good overview)
http://www.giac.org/practical/GSEC/Tu_Niem_GSEC.pdf (good refs at end)
http://www.rsasecurity.com/rsalabs/staff/bios/mjakobsson/bluetooth/bluetooth
.pdf (the really good one)
> -----Original Message-----
> From: gilles.lami@hays-dsia.fr [mailto:gilles.lami@hays-dsia.fr]
> Sent: Wednesday, March 19, 2003 6:16 AM
> To: pen-test@securityfocus.com
> Subject: Bluetooth
>
>
> Hello pen-testers,
>
> We all know tools to test wifi 802.11 techno ( a wireless
> card, a pignail, an antenna and airsnort, netstumbler, and
> other Windows or Linux tools )
>
> But does anyone know tools or documents to test bluetooth
> technology ( 802.15 ) ? Any help greatly appreciated.
>
> Cordialement / Regards
> Gilles LAMI
>
>
>
>
> **********************************************************************
> Ce message electronique et tous les fichiers attaches qu'il
> contient sont confidentiels et destines exclusivement a
> l'usage de la personne a laquelle ils sont adresses. Si vous
> avez recu ce message par erreur,merci de le retourner a son
> emetteur. Les idees et opinions presentees dans ce messages
> sont celles de son auteur, et ne representent pas
> necessairement celles du Groupe HAYS plc ou d'une quelconque
> de ses filiales. La publication, l'usage, la distribution,
> l'impression ou la copie non autorisee de ce message et des
> attachements qu'il contient sont strictement interdits.
>
> Nous vous informons egalement que nous avons verifie
> l'absence de virus dans ce message mais que, malgre ce
> controle, nous ne saurions etre tenus pour responsables
> d'eventuels degats occasionnes par un virus non detecte.
>
> This e-mail and any attached files are confidential and
> intended solely for the use of the individual to whom it is
> addressed. If you have received this email in error please
> send it back to the person that sent it to you. Any views or
> opinions presented are solely those of author and do not
> necessarily represent those the HAYS plc group or any of its
> subsidiary companies. Unauthorized publication, use,
> dissemination, forwarding, printing or copying of this email
> and its associated attachments is strictly prohibited.
>
> We also inform you that we have checked that this message
> does not contain any virus but we decline any responsability
> in case of any damage caused by an a non detected virus.
> **********************************************************************
>
>
> --------------------------------------------------------------
> --------------
> Did you know that you have VNC running on your network?
> Your hacker does. Plug your security holes now!
> Download a free 15-day trial of VAM:
> http://www2.stillsecure.com/download/sf_vuln_l> ist.html
>
----------------------------------------------------------------------------
Did you know that you have VNC running on your network?
Your hacker does. Plug your security holes now!
Download a free 15-day trial of VAM:
http://www2.stillsecure.com/download/sf_vuln_list.html
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:31 EDT